This is yet another CTF challenge from tryhackme. This is my first blog post after the holiday and the challenge covers the very basic codes and hashes cracking. Hope you enjoy the write-up.
Task 1: Translation and shifting
This task required the challenger to perform a translation or shifting certain ciphers such as ROT13, ROT47, Morse code, etc.
Task 1-1: Leet a.k.a l33t
Leet is a form of font which is used mostly on the internet. Is a famous font used by numerous hackers.
Cipher: c4n y0u c4p7u23 7h3 f149
Solution: This is a straight forward task, you can guess the answer easily. Or, using this converter.
Answer: can you capture the flag
Task 1-2: Binary to ASCII
Binary is a type of machine language.
Cipher: 01101100 01100101 01110100 01110011 00100000 01110100 01110010 01111001 00100000 01110011 01101111 01101101 01100101 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01101111 01110101 01110100 00100001
Solution: Copy the cipher code into the converter.
Answer: lets try some binary out!
Task 1-3: Base32
Base32 is a common transfer encoding. It consists of 32-char set. These char-sets are usually alphabet in uppercase.
Cipher:MJQXGZJTGIQGS4ZAON2XAZLSEBRW63LNN5XCA2LOEBBVIRRHOM======
Solution: Put the cipher code into the converter
Answer: base32 is super common in CTF’s
Task 1-4: Base64
Base64 is another common transfer encoding. It consists of 64-char set. These char-sets are usually alphabet in uppercase and lowercase.
Cipher:RWFjaCBCYXNlNjQgZGlnaXQgcmVwcmVzZW50cyBleGFjdGx5IDYgYml0cyBvZiBkYXRhLg==
Solution: Put the cipher code into the converter
Answer: Each Base64 digit represents exactly 6 bits of data.
Task 1-5: Hex to ASCII
Hex consists of 16 bits of binary. It also known as base16.
Cipher: 68 65 78 61 64 65 63 69 6d 61 6c 20 6f 72 20 62 61 73 65 31 36 3f
Solution: Copy the cipher into the converter
Answer: hexadecimal or base16?
Task 1-6: Rot 13
Rot 13 or known as rotate 13 is a form of Caesar cipher which rotate in 13 times.
Cipher: Ebgngr zr 13 cynprf!
Solution: Punch in the cipher into the converter
Answer: Rotate me 13 places!
Task 1-7: Rot 47
Rot 47 or known as rotate 47 is another form of Caesar cipher which rotate in 47 times. It encode almost all visible ASCII character.
Cipher: *@F DA:? >6 C:89E C@F?5 323J C:89E C@F?5 Wcf E:>6DX
Solution: Copy the cipher into the converter
Answer: You spin me right round baby right round (47 times)
Task 1-8: Morse code
Morse code is a combination of signal made of short and long impulsion (dot and dash). It was designed for telecommunication.
Cipher: – . .-.. . -.-. — — — . .- -. .. -.-. .- – .. — -. . -. -.-. — -.. .. -. –.
Solution: Put the cipher into the converter
Answer: telecommunication encoding
Task 1-9: BCD to ASCII
Binary-Coded Decimal (BCD) is a base10 encoding technique.
Cipher: 85 110 112 97 99 107 32 116 104 105 115 32 66 67 68
Solution: Punch in the cipher into the converter
Answer: Unpack this BCD
Task 1-10: Multiple cipher
This task consists of multiple ciphers. Challenger required to decode the cipher from the previous task
Cipher 1: Base64
Cipher 2: Morse code
Cipher 3: Binary to ASCII
Cipher 4: ROT 47
Cipher 5: BCD to ASCII
Answer: Let’s make this a bit trickier…
Task 2: Hashes
If you refer to my previous post, a hash can be cracked using hashcat either by brute force or dictionary. However, it is not a 100% guarantee that the hash can be cracked using the hashcat. For this task, the author suggested using a brute-forcing. However, it is impossible as the permutation is too large and it will take more than a day. The only way to do that is to decrypt it using online tools such as md5decrypt. This is because the hashed text has been stored in their database.
Task 2-1: MD2
This task can be done using this online tool.
Hash: 39d4a2ba07e44421c9bedd54dc4e1182
Answer: MDwhat?
Task 2-2: MD4
From this task onward, the hashes can be cracked using md5decrypt.
Hash: e0418e7c6c2f630c71b2acabbcf8a2fb
Answer: digest the message algorithm
Task 2-3: MD5
Hash: efbd448a935421a54dda43da43a701e1
Answer: 128-bit of delicious hash values
Task 2-4: NTLM
Hash: 11FE61CE0639AC2A1E815D62D7DEEC53
Answer: Microsoft has encryption?
Task 2-5: SHA512
Hash: a361f05487b879f25cc4d7d7fae3c7442e7849ed15c94010b389faafaf8763f0dd022e52364027283d55dcb10974b09e7937f901584c092da65a14d1aa8dc4d8
Answer: 1024 bit blocks!
Task 2-6: SHA256
Hash: d48a2f790f7294a4ecbac10b99a1a4271cdc67fff7246a314297f2bca2aaa71f
Answer: Commonly used in Blockchain
Task 2-7: SHA1
Hash: a34e50c78f67d3ec5d0479cde1406c6f82ff6cd0
Answer: The OG
Task 3: Spectrogram
This task is easy. Just download any sound or wave analyzer tool such as aducity. For this task, I going to use wavepad. Simply open the downloaded wave file and open it up in TFFT (Tool > TFFT). A message will be revealed.
Answer: Super Secret Message
Task 4: Steganography
This task can be solved either by an online tool or steghide. I prefer steghide. The hidden file within the image can be extracted using the following command
$ steghide extract -sf stegosteg.jpgAfter that, a file named steganopayload2248.txt will be extracted from the image as shown in the figure below.
Task 5: What is inside the file?
This task cannot simply be solved by steghide. There is another dumb way to do it which is open the file as a txt. Both answers for the task is on the last few paragraphs.
Answer (Task 5-1): hackerchat.png
Answer (Task 5-2): AHH_YOU_FOUND_ME!
Conclusion
This challenge is much easier when compared to the last one. This Task 1 is enlightening me as it covers more on basic of ciphering. However, Task 2 is a little bit of disappointed as the description made some confusion for beginners. Other than that, well done to the creator of the room. That’s all for my second CTF challenge, until next time!
The embedded world 